<?php
/**
 * File to handle all API requests
 * Accepts GET and POST
 *
 * Each request will be identified by TAG
 * Response will be JSON data
 
  /**
 * check for POST request
 */
mysql_connect("localhost", "root", "root") or die(mysql_error());
mysql_select_db("test") or die(mysql_error());
if (isset($_POST['tag'])) {
    // get tag
    $tag = $_POST['tag'];
 
    // include db handler
    //require_once 'include/DB_Functions.php';
    //$db = new DB_Functions();
 
    // response Array
    $response = array("tag" => $tag, "success" => 0, "error" => 0);
 
    // check for tag type
    if ($tag == 'login') {
        // Request type is check Login
        $email = $_POST['email'];
        $password = $_POST['password'];
 	
        // check for user
        //$user = $db->getUserByEmailAndPassword($email, $password);
	$result = mysql_query("SELECT * FROM user WHERE login_id = '$email'") or die(mysql_error());
        // check for result
        $no_of_rows = mysql_num_rows($result);
        if ($no_of_rows > 0) {
            $result = mysql_fetch_array($result);
            //$salt = $result['salt'];
            $encrypted_password = $result['pwd'];
            $hash = md5($password);
            // check for password equality
            if ($encrypted_password == $hash) {
                // user authentication details are correct
                $user = $result;
            }
        } else {
            // user not found
            $user=false;
        }
        if ($user != false) {
            // user found
            // echo json with success = 1
            $response["success"] = 1;
	    $response["uid"] = $user["user_id"];
            $response["user"]["uid"] = $user["user_id"];
            $response["user"]["name"] = $user["name"];
            $response["user"]["email"] = $user["login_id"];
            $response["user"]["phone"] = $user["user_phone"];
            $response["user"]["gender"] = $user["gender"];
            $response["user"]["dob"] = $user["dob"];
            $response["user"]["img"] = $user["image_url"];
            echo json_encode($response);
        } else {
            // user not found
            // echo json with error = 1
            $response["error"] = 1;
            $response["error_msg"] = "Incorrect email or password!";
            echo json_encode($response);
        }
    } else {
        echo "Invalid Request";
    }
} else {
    echo "Access Denied";
}
?>
